DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=41731>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41731 Summary: More decription on signature verification Product: Security Version: unspecified Platform: Other OS/Version: other Status: NEW Severity: normal Priority: P2 Component: Signature AssignedTo: security-dev@xml.apache.org ReportedBy: [EMAIL PROTECTED] signature.checkSignatureValue() should return more than true/false. Ideally, an exception with a method getFailedReference() to find out what part of the signature failed the verification. Possible Exception types: - reference hash failed (provide pointer to that reference) - certificate didn't produce this signature - reference's hashed correctly, but the top-level node hash failed And so on. To preserve the interface of true/false, perhaps provide a getWhatDarnThingFailed() method returning a reference so the calling application can point the user at the right place. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
